sqlite: login php based on sqlite database

I am tying to create a sqlite based login, but it doesn't read the password propperly from the sqlitedatabase:

<?php $data = new PDO('sqlite:data.db');

session_start();
if (isset($_SESSION['timeout'])) { if ($_SESSION['timeout'] + 20 < time()) { session_destroy(); } }
else { $_SESSION['pass']="" ;  $_SESSION['timeout']=time(); }
if (isset($_POST['pass'])) {$_SESSION['pass']=$_POST['pass'] ; }

if(!empty($_SESSION['pass'])) {

    $result = $data->query("SELECT password FROM users");
    foreach($result as $row) {
        if (password_verify($_SESSION['pass'], $row['password'])) {
            echo "Welcome! You're logged in " .$row['password']. "!  <a href='index.php?logout=true'>logout</a>";
            if(isset($_GET['logout'])) {unset($_SESSION['pass']); header('location: index.php');}
    }
    }

}

else{echo '<form method="POST" action=""><input type="password" name="pass"><form>';}
?>

WHAT'S WRONG WITH MY CODE???

sqlite

dimanche 7 février 2016

login php based on sqlite database

Aucun commentaire:

Enregistrer un commentaire